By using AWS re:Post, you agree to the Terms of Use

Lambda in VPC can't access S3

0

Can't access the S3 file from Lambda in VPC. When trying to access file in S3 from Lambda VPC, it throws timeout error.

Below setup we are done in AWS.

  • Created VPC with Private and Public subnets
  • Created VPC Endpoints for Private subnets
  • Added Lambda (.net core 3.1) in VPC with AWS S3 full access

S3 full access in AWS lambda has given, even though its not access file from S3.

3 Answers
1

I would doublecheck the security group config - If you have added an s3 gateway endpoint the most common misconfiguration I see is forgetting to allow outbound to the s3 prefix list for the region within the security group. See here - "Security group outbound rules" section. If you have used an s3 interface endpoint you need to allow outbound to the interface endpoint itself

EXPERT
answered 6 months ago
0

Are you sure you have 1) deployed lambda into your PRIVATE subnets AND 2) there is route from private subnet to internet via NAT GW in public subnet(s). Even if you have a route to S3 via endpoint, I think you still need internet access as well for lambda to work properly (or maybe you can provide this with additional interface endpoints(?). You can also test sample VPC setups from https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html

profile picture
answered 6 months ago
0

Security Groups (SG)

  • The SG that the Lambda is in has to have Outbound access to the SG containing the VPC Endpoint (VPCE) - outbound is usually ALL for a SG
  • The SG that VPCE is in has to have Inbound permission from the SF containing the Lambda

The above applies even if the Lambda and VPCE are in the same SG -- that is you need an inbound rule from the SG to itself.

Routing

  • By Default you should have a local route in all your route tables. If you changed this, then that could be an issue
profile picture
answered 6 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions